WiredWX Christian Hobby Weather Tools
Would you like to react to this message? Create an account in a few clicks or log in to continue.

WiredWX Christian Hobby Weather ToolsLog in

 


System Fix

2 posters

descriptionSystem Fix EmptySystem Fix5th December 2011, 11:23 pm

more_horiz
Immediately after you guys helped me fix my "Vista Home Security 2012" issue, I was hit with this system fix thing. It is a nasty one! Crashes my pc, constant pop ups, loss of destop icons, errors galore, hd resources used. Pretty much you name it and this thing does it. Please help... Here are my logs:

OTL log:

OTL logfile created on: 12/5/2011 5:38:30 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Justin the Hutt\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 43.64% Memory free
4.94 Gb Paging File | 3.64 Gb Available in Paging File | 73.73% Paging File free
Paging file location(s): c:\pagefile.sys 3067 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 610.68 Gb Free Space | 65.56% Space Free | Partition Type: NTFS
Drive E: | 647.36 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HAL | User Name: Justin the Hutt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/05 17:34:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
PRC - [2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
PRC - [2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
PRC - [2011/11/17 06:58:04 | 003,303,000 | -H-- | M] (Akamai Technologies, Inc) -- C:\Users\Justin the Hutt\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/06/28 18:06:21 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 18:05:42 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/30 18:13:16 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/13 11:41:00 | 002,954,608 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/10/13 11:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/10/13 11:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/10/13 11:40:54 | 001,153,392 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/05/05 15:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/06/11 08:20:42 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/06/09 18:47:20 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/06/09 18:44:53 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
PRC - [2009/05/01 12:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 12:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/05/19 12:13:20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\ASTSRV.EXE
PRC - [2008/01/19 02:33:19 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2007/12/19 10:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe
PRC - [2007/08/30 13:04:54 | 000,364,192 | -H-- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/11/02 04:44:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\attrib.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
MOD - [2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
MOD - [2010/10/13 11:41:00 | 000,962,416 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2010/05/05 15:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
MOD - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
MOD - [2009/06/11 08:20:47 | 000,008,704 | ---- | M] () -- C:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll
MOD - [2009/05/01 12:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
MOD - [2008/01/19 02:35:15 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/01/19 02:35:15 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2006/08/08 14:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrscw.dll
MOD - [2006/05/25 15:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\iptk.dll
MOD - [2005/12/29 10:34:22 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrdrec.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/17 20:19:21 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/06/28 18:06:21 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 18:05:42 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/13 11:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/10/13 11:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/06/16 12:35:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/05/19 12:13:20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\ASTSRV.EXE -- (ASTSRV)
SRV - [2007/08/30 13:04:54 | 000,364,192 | -H-- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV - [2011/06/28 18:06:21 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 18:06:21 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/10/16 13:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/10/05 13:26:10 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010/10/05 13:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/21 20:50:16 | 000,005,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vHidDev.sys -- (vHidDev)
DRV - [2009/09/04 16:38:28 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2009/04/21 16:58:42 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\danew.sys -- (danewFltr)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/16 21:06:36 | 001,143,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2008/01/19 00:49:51 | 000,067,072 | -H-- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/18 23:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/03/11 14:12:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GCx86.sys -- (netr73)
DRV - [2007/02/16 09:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2005/11/02 09:54:44 | 000,011,596 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\copperhd.sys -- (UsbFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/notifications.php#!/?ref=logo
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 9D 5F 0D 5C 39 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/home.php?ref=hp"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/06/11 08:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/09/06 15:26:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/07 09:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/03 14:25:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/30 22:03:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/30 22:04:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/03 14:25:19 | 000,000,000 | ---D | M]

[2009/07/03 13:39:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Extensions
[2011/11/30 22:07:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions
[2011/12/05 14:22:41 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/05 14:22:41 | 000,000,000 | -H-D | M] (Greasemonkey) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/05 14:22:42 | 000,000,000 | -H-D | M] (MediaBar) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009/07/17 18:02:48 | 000,002,476 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\searchplugins\BearShareWebSearch.xml
[2010/10/23 18:02:21 | 000,001,840 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\searchplugins\bing.xml
[2011/11/30 22:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/20 23:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/06 11:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 11:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/03/23 12:59:54 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2009/07/17 18:02:48 | 000,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2011/11/20 20:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: ICE Quick Stream = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp\1.0\

Hosts file not found
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DA755CAE-D65B-CE23-5DDF-321EE4382854] C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi (CyberLink)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Justin the Hutt\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [fUOfWDexaNHOBg.exe] C:\ProgramData\fUOfWDexaNHOBg.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C57BEC1-EA59-4588-A4AB-3F6ABEC1CB9A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6301A938-9ED8-4E48-A86F-15E2DC61C36A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6301A938-9ED8-4E48-A86F-15E2DC61C36A}: NameServer = 8.8.8.8,8.8.4.4
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/05 17:33:56 | 000,584,192 | -H-- | C] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
[2011/12/05 13:03:13 | 000,128,512 | -HS- | C] (CyberLink) -- C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,128,512 | -HS- | C] (CyberLink) -- C:\ProgramData\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Defender
[2011/12/05 13:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Security Defender
[2011/12/05 08:25:00 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/03 12:02:59 | 000,000,000 | --SD | C] -- C:\Commy15704C
[2011/12/03 11:52:17 | 000,324,608 | -H-- | C] (Microsoft Corporation) -- C:\Users\Justin the Hutt\Documents\g0N6o8W.exe
[2011/12/03 11:52:13 | 000,272,384 | -H-- | C] (Microsoft Corporation) -- C:\Users\Justin the Hutt\AppData\Local\nas.exe
[2011/12/02 12:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/11/30 22:05:56 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/11/30 22:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011/11/30 21:46:02 | 014,761,224 | -H-- | C] (Mozilla) -- C:\Users\Justin the Hutt\Desktop\Firefox Setup 8.0.1.exe
[2011/11/30 21:36:37 | 003,552,208 | -H-- | C] (Piriform Ltd) -- C:\Users\Justin the Hutt\Desktop\ccsetup313.exe
[2011/11/30 21:33:22 | 004,780,600 | -H-- | C] (DivX, Inc.) -- C:\Users\Justin the Hutt\Desktop\DivXWebPlayerInstallerv15.exe
[2011/11/30 20:25:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/30 19:59:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/30 19:59:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/30 19:59:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/30 19:59:52 | 000,000,000 | -H-D | C] -- C:\Commy
[2011/11/30 19:59:49 | 000,000,000 | -H-D | C] -- C:\Qoobox
[2011/11/30 18:04:42 | 001,916,416 | -H-- | C] (AVAST Software) -- C:\Users\Justin the Hutt\Desktop\aswMBR.exe
[2011/11/09 19:13:25 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Local\Akamai
[2011/11/09 08:40:05 | 000,000,000 | -H-D | C] -- C:\Temp
[2011/11/09 08:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2011/11/09 08:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011/11/05 18:15:09 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\Documents\RCT3
[2011/11/05 18:15:09 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Atari
[2010/07/25 09:12:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2010/07/25 09:12:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2010/07/25 09:12:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2010/07/25 09:12:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2010/07/25 09:12:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2010/07/25 09:12:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2010/07/25 09:12:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2010/07/25 09:12:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2010/07/25 09:12:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2010/07/25 09:12:50 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2010/07/25 09:12:50 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2010/07/25 09:12:50 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2010/07/25 09:12:50 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2009/12/23 13:22:22 | 000,047,360 | -H-- | C] (VSO Software) -- C:\Users\Justin the Hutt\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/12/05 17:42:25 | 000,000,948 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-102117945-2110181670-3325598433-1000UA.job
[2011/12/05 17:36:31 | 000,879,649 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\SecurityCheck.exe
[2011/12/05 17:35:53 | 001,916,416 | -H-- | M] (AVAST Software) -- C:\Users\Justin the Hutt\Desktop\aswMBR.exe
[2011/12/05 17:34:06 | 000,584,192 | -H-- | M] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/05 17:24:30 | 000,000,625 | -H-- | M] () -- C:\Users\Justin the Hutt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/05 14:31:33 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/05 14:31:33 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/05 14:26:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/05 14:26:03 | 2145,308,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/05 13:03:13 | 000,128,512 | -HS- | M] (CyberLink) -- C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,128,512 | -HS- | M] (CyberLink) -- C:\ProgramData\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,001,758 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DA755CAE-D65B-CE23-5DDF-321EE4382854.lnk
[2011/12/05 08:26:41 | 000,000,456 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU
[2011/12/05 08:25:16 | 000,000,312 | -H-- | M] () -- C:\ProgramData\~WfLBCQ5ZZtAqZU
[2011/12/05 08:25:16 | 000,000,216 | -H-- | M] () -- C:\ProgramData\~WfLBCQ5ZZtAqZUr
[2011/12/05 08:25:00 | 000,000,601 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\System Fix.lnk
[2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
[2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
[2011/12/05 08:05:41 | 232,402,507 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/04 22:41:00 | 000,000,896 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-102117945-2110181670-3325598433-1000Core.job
[2011/12/04 16:15:05 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/12/03 11:56:03 | 000,005,086 | -HS- | M] () -- C:\Users\Justin the Hutt\AppData\Local\683285b1h072q774s634q6wpl2x4
[2011/12/03 11:56:03 | 000,005,086 | -HS- | M] () -- C:\ProgramData\683285b1h072q774s634q6wpl2x4
[2011/12/03 11:52:17 | 000,324,608 | -H-- | M] (Microsoft Corporation) -- C:\Users\Justin the Hutt\Documents\g0N6o8W.exe
[2011/12/03 11:52:13 | 000,272,384 | -H-- | M] (Microsoft Corporation) -- C:\Users\Justin the Hutt\AppData\Local\nas.exe
[2011/11/30 22:04:10 | 000,001,404 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\DivX Movies.lnk
[2011/11/30 21:54:10 | 000,000,848 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2011/11/30 21:46:43 | 002,392,722 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\ac3filter_1_46.exe
[2011/11/30 21:46:21 | 014,761,224 | -H-- | M] (Mozilla) -- C:\Users\Justin the Hutt\Desktop\Firefox Setup 8.0.1.exe
[2011/11/30 21:36:38 | 003,552,208 | -H-- | M] (Piriform Ltd) -- C:\Users\Justin the Hutt\Desktop\ccsetup313.exe
[2011/11/30 21:33:22 | 004,780,600 | -H-- | M] (DivX, Inc.) -- C:\Users\Justin the Hutt\Desktop\DivXWebPlayerInstallerv15.exe
[2011/11/30 19:37:14 | 000,010,772 | -HS- | M] () -- C:\Users\Justin the Hutt\AppData\Local\i8ac80i1sa4avk
[2011/11/30 19:37:14 | 000,010,772 | -HS- | M] () -- C:\ProgramData\i8ac80i1sa4avk
[2011/11/30 17:40:12 | 084,358,288 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\avira_free_antivirus_en.exe
[2011/11/30 07:50:37 | 001,196,746 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Shirt_Template_by_IKorteXI.eps
[2011/11/30 07:50:05 | 000,603,624 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\daves shirt.ai
[2011/11/25 18:18:27 | 000,049,664 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/24 09:20:50 | 613,215,960 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE2.avi
[2011/11/24 09:08:40 | 614,780,552 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE1.avi
[2011/11/22 21:16:06 | 000,000,071 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Unzipped Face Tutorial - Zombies.ws.URL
[2011/11/17 20:42:43 | 000,002,092 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Google Chrome.lnk

descriptionSystem Fix EmptyRe: System Fix6th December 2011, 12:25 am

more_horiz
Starting over system keeps crashing...

descriptionSystem Fix EmptyRe: System Fix6th December 2011, 12:26 am

more_horiz
OTL logfile created on: 12/5/2011 5:38:30 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Justin the Hutt\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 43.64% Memory free
4.94 Gb Paging File | 3.64 Gb Available in Paging File | 73.73% Paging File free
Paging file location(s): c:\pagefile.sys 3067 4000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931.51 Gb Total Space | 610.68 Gb Free Space | 65.56% Space Free | Partition Type: NTFS
Drive E: | 647.36 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: HAL | User Name: Justin the Hutt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/05 17:34:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
PRC - [2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
PRC - [2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
PRC - [2011/11/17 06:58:04 | 003,303,000 | -H-- | M] (Akamai Technologies, Inc) -- C:\Users\Justin the Hutt\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/06/28 18:06:21 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/28 18:05:42 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/11/30 18:13:16 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/16 12:42:12 | 000,792,680 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010/10/13 11:41:00 | 002,954,608 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/10/13 11:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/10/13 11:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/10/13 11:40:54 | 001,153,392 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/05/05 15:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
PRC - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/06/11 08:20:42 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/06/09 18:47:20 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/06/09 18:44:53 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
PRC - [2009/05/01 12:52:24 | 000,082,600 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
PRC - [2009/05/01 12:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
PRC - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/05/19 12:13:20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\ASTSRV.EXE
PRC - [2008/01/19 02:33:19 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PING.EXE
PRC - [2007/12/19 10:58:24 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\DeathAdder\razerofa.exe
PRC - [2007/08/30 13:04:54 | 000,364,192 | -H-- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
PRC - [2006/11/02 04:44:50 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\attrib.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
MOD - [2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
MOD - [2010/10/13 11:41:00 | 000,962,416 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2010/05/05 15:56:06 | 000,251,392 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razerhid.exe
MOD - [2010/04/27 13:41:26 | 000,218,112 | ---- | M] () -- C:\Program Files\Razer\DeathAdder\razertra.exe
MOD - [2009/06/11 08:20:47 | 000,008,704 | ---- | M] () -- C:\Program Files\Real\RealPlayer\rpchromebrowserrecordhelper.dll
MOD - [2009/05/01 12:52:22 | 000,291,496 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
MOD - [2008/01/19 02:35:15 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008/01/19 02:35:15 | 000,223,232 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2006/08/08 14:54:18 | 000,278,528 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrscw.dll
MOD - [2006/05/25 15:20:44 | 000,241,664 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\iptk.dll
MOD - [2005/12/29 10:34:22 | 000,143,360 | ---- | M] () -- C:\Program Files\Lexmark 2400 Series\lxcrdrec.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/17 20:19:21 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011/06/28 18:06:21 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 18:05:42 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/10/16 11:46:40 | 000,369,256 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/10/13 11:41:00 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/10/13 11:40:54 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/06/16 12:35:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/05/19 12:13:20 | 000,057,344 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\ASTSRV.EXE -- (ASTSRV)
SRV - [2007/08/30 13:04:54 | 000,364,192 | -H-- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2006/12/11 11:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)


========== Driver Services (SafeList) ==========

DRV - [2011/06/28 18:06:21 | 000,138,192 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 18:06:21 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/10/16 13:55:00 | 010,084,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/10/05 13:26:10 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2010/10/05 13:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/21 20:50:16 | 000,005,760 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vHidDev.sys -- (vHidDev)
DRV - [2009/09/04 16:38:28 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2009/04/21 16:58:42 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\danew.sys -- (danewFltr)
DRV - [2009/02/24 17:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/13 11:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/11/16 21:06:36 | 001,143,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\P17.sys -- (P17)
DRV - [2008/01/19 00:49:51 | 000,067,072 | -H-- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\cdrom.sys -- (cdrom)
DRV - [2008/01/18 23:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/03/11 14:12:00 | 000,256,000 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GCx86.sys -- (netr73)
DRV - [2007/02/16 09:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/11/02 02:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2005/11/02 09:54:44 | 000,011,596 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\copperhd.sys -- (UsbFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/notifications.php#!/?ref=logo
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 53 9D 5F 0D 5C 39 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;192.168.*.*
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/home.php?ref=hp"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=DCF4DF&PC=DCF4&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/06/11 08:20:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox [2010/09/06 15:26:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/07 09:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/03 14:25:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/30 22:03:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/30 22:04:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/03 14:25:19 | 000,000,000 | ---D | M]

[2009/07/03 13:39:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Extensions
[2011/11/30 22:07:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions
[2011/12/05 14:22:41 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/05 14:22:41 | 000,000,000 | -H-D | M] (Greasemonkey) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/12/05 14:22:42 | 000,000,000 | -H-D | M] (MediaBar) -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
[2009/07/17 18:02:48 | 000,002,476 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\searchplugins\BearShareWebSearch.xml
[2010/10/23 18:02:21 | 000,001,840 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Mozilla\Firefox\Profiles\pq5fbrn1.default\searchplugins\bing.xml
[2011/11/30 22:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/20 23:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/11/06 11:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 11:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/03/23 12:59:54 | 000,002,191 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2009/07/17 18:02:48 | 000,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2011/11/20 20:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/20 20:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Justin the Hutt\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: ICE Quick Stream = C:\Users\Justin the Hutt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapljocpedaolbooelchgnkkaplpadgp\1.0\

Hosts file not found
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DA755CAE-D65B-CE23-5DDF-321EE4382854] C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi (CyberLink)
O4 - HKLM..\Run: [DeathAdder] C:\Program Files\Razer\DeathAdder\razerhid.exe ()
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2400 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [LXCRCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [P17RunE] C:\Windows\System32\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Justin the Hutt\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [fUOfWDexaNHOBg.exe] C:\ProgramData\fUOfWDexaNHOBg.exe ()
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C57BEC1-EA59-4588-A4AB-3F6ABEC1CB9A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6301A938-9ED8-4E48-A86F-15E2DC61C36A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6301A938-9ED8-4E48-A86F-15E2DC61C36A}: NameServer = 8.8.8.8,8.8.4.4
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/12/05 17:33:56 | 000,584,192 | -H-- | C] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
[2011/12/05 13:03:13 | 000,128,512 | -HS- | C] (CyberLink) -- C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,128,512 | -HS- | C] (CyberLink) -- C:\ProgramData\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Defender
[2011/12/05 13:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Security Defender
[2011/12/05 08:25:00 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/12/03 12:02:59 | 000,000,000 | --SD | C] -- C:\Commy15704C
[2011/12/03 11:52:17 | 000,324,608 | -H-- | C] (Microsoft Corporation) -- C:\Users\Justin the Hutt\Documents\g0N6o8W.exe
[2011/12/03 11:52:13 | 000,272,384 | -H-- | C] (Microsoft Corporation) -- C:\Users\Justin the Hutt\AppData\Local\nas.exe
[2011/12/02 12:50:48 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/11/30 22:05:56 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter
[2011/11/30 22:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011/11/30 21:46:02 | 014,761,224 | -H-- | C] (Mozilla) -- C:\Users\Justin the Hutt\Desktop\Firefox Setup 8.0.1.exe
[2011/11/30 21:36:37 | 003,552,208 | -H-- | C] (Piriform Ltd) -- C:\Users\Justin the Hutt\Desktop\ccsetup313.exe
[2011/11/30 21:33:22 | 004,780,600 | -H-- | C] (DivX, Inc.) -- C:\Users\Justin the Hutt\Desktop\DivXWebPlayerInstallerv15.exe
[2011/11/30 20:25:25 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/11/30 19:59:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/11/30 19:59:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/11/30 19:59:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/11/30 19:59:52 | 000,000,000 | -H-D | C] -- C:\Commy
[2011/11/30 19:59:49 | 000,000,000 | -H-D | C] -- C:\Qoobox
[2011/11/30 18:04:42 | 001,916,416 | -H-- | C] (AVAST Software) -- C:\Users\Justin the Hutt\Desktop\aswMBR.exe
[2011/11/09 19:13:25 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Local\Akamai
[2011/11/09 08:40:05 | 000,000,000 | -H-D | C] -- C:\Temp
[2011/11/09 08:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motorola Shared
[2011/11/09 08:28:54 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011/11/05 18:15:09 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\Documents\RCT3
[2011/11/05 18:15:09 | 000,000,000 | -H-D | C] -- C:\Users\Justin the Hutt\AppData\Roaming\Atari
[2010/07/25 09:12:51 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2010/07/25 09:12:51 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2010/07/25 09:12:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2010/07/25 09:12:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2010/07/25 09:12:51 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2010/07/25 09:12:51 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2010/07/25 09:12:51 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2010/07/25 09:12:51 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2010/07/25 09:12:51 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2010/07/25 09:12:50 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2010/07/25 09:12:50 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2010/07/25 09:12:50 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2010/07/25 09:12:50 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2009/12/23 13:22:22 | 000,047,360 | -H-- | C] (VSO Software) -- C:\Users\Justin the Hutt\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/12/05 17:42:25 | 000,000,948 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-102117945-2110181670-3325598433-1000UA.job
[2011/12/05 17:36:31 | 000,879,649 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\SecurityCheck.exe
[2011/12/05 17:35:53 | 001,916,416 | -H-- | M] (AVAST Software) -- C:\Users\Justin the Hutt\Desktop\aswMBR.exe
[2011/12/05 17:34:06 | 000,584,192 | -H-- | M] (OldTimer Tools) -- C:\Users\Justin the Hutt\Desktop\OTL.com
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/05 17:24:30 | 000,000,625 | -H-- | M] () -- C:\Users\Justin the Hutt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/05 14:31:33 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/05 14:31:33 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/05 14:26:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/05 14:26:03 | 2145,308,672 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/05 13:03:13 | 000,128,512 | -HS- | M] (CyberLink) -- C:\Windows\System32\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,128,512 | -HS- | M] (CyberLink) -- C:\ProgramData\DA755CAE-D65B-CE23-5DDF-321EE4382854.avi
[2011/12/05 13:03:13 | 000,001,758 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DA755CAE-D65B-CE23-5DDF-321EE4382854.lnk
[2011/12/05 08:26:41 | 000,000,456 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU
[2011/12/05 08:25:16 | 000,000,312 | -H-- | M] () -- C:\ProgramData\~WfLBCQ5ZZtAqZU
[2011/12/05 08:25:16 | 000,000,216 | -H-- | M] () -- C:\ProgramData\~WfLBCQ5ZZtAqZUr
[2011/12/05 08:25:00 | 000,000,601 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\System Fix.lnk
[2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
[2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
[2011/12/05 08:05:41 | 232,402,507 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/04 22:41:00 | 000,000,896 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-102117945-2110181670-3325598433-1000Core.job
[2011/12/04 16:15:05 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/12/03 11:56:03 | 000,005,086 | -HS- | M] () -- C:\Users\Justin the Hutt\AppData\Local\683285b1h072q774s634q6wpl2x4
[2011/12/03 11:56:03 | 000,005,086 | -HS- | M] () -- C:\ProgramData\683285b1h072q774s634q6wpl2x4
[2011/12/03 11:52:17 | 000,324,608 | -H-- | M] (Microsoft Corporation) -- C:\Users\Justin the Hutt\Documents\g0N6o8W.exe
[2011/12/03 11:52:13 | 000,272,384 | -H-- | M] (Microsoft Corporation) -- C:\Users\Justin the Hutt\AppData\Local\nas.exe
[2011/11/30 22:04:10 | 000,001,404 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\DivX Movies.lnk
[2011/11/30 21:54:10 | 000,000,848 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
[2011/11/30 21:46:43 | 002,392,722 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\ac3filter_1_46.exe
[2011/11/30 21:46:21 | 014,761,224 | -H-- | M] (Mozilla) -- C:\Users\Justin the Hutt\Desktop\Firefox Setup 8.0.1.exe
[2011/11/30 21:36:38 | 003,552,208 | -H-- | M] (Piriform Ltd) -- C:\Users\Justin the Hutt\Desktop\ccsetup313.exe
[2011/11/30 21:33:22 | 004,780,600 | -H-- | M] (DivX, Inc.) -- C:\Users\Justin the Hutt\Desktop\DivXWebPlayerInstallerv15.exe
[2011/11/30 19:37:14 | 000,010,772 | -HS- | M] () -- C:\Users\Justin the Hutt\AppData\Local\i8ac80i1sa4avk
[2011/11/30 19:37:14 | 000,010,772 | -HS- | M] () -- C:\ProgramData\i8ac80i1sa4avk
[2011/11/30 17:40:12 | 084,358,288 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\avira_free_antivirus_en.exe
[2011/11/30 07:50:37 | 001,196,746 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Shirt_Template_by_IKorteXI.eps
[2011/11/30 07:50:05 | 000,603,624 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\daves shirt.ai
[2011/11/25 18:18:27 | 000,049,664 | -H-- | M] () -- C:\Users\Justin the Hutt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/24 09:20:50 | 613,215,960 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE2.avi
[2011/11/24 09:08:40 | 614,780,552 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE1.avi
[2011/11/22 21:16:06 | 000,000,071 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Unzipped Face Tutorial - Zombies.ws.URL
[2011/11/17 20:42:43 | 000,002,092 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2011/12/05 17:36:30 | 000,879,649 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\SecurityCheck.exe
[2011/12/05 17:24:30 | 000,000,625 | -H-- | C] () -- C:\Users\Justin the Hutt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
[2011/12/05 13:03:13 | 000,001,758 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DA755CAE-D65B-CE23-5DDF-321EE4382854.lnk
[2011/12/05 08:25:16 | 000,000,216 | -H-- | C] () -- C:\ProgramData\~WfLBCQ5ZZtAqZUr
[2011/12/05 08:25:15 | 000,000,312 | -H-- | C] () -- C:\ProgramData\~WfLBCQ5ZZtAqZU
[2011/12/05 08:25:00 | 000,000,601 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\System Fix.lnk
[2011/12/05 08:24:56 | 000,000,456 | -H-- | C] () -- C:\ProgramData\WfLBCQ5ZZtAqZU
[2011/12/05 08:19:33 | 000,374,784 | -H-- | C] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
[2011/12/05 08:16:20 | 000,472,064 | -H-- | C] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
[2011/12/05 06:51:03 | 232,402,507 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/12/03 11:52:13 | 000,005,086 | -HS- | C] () -- C:\Users\Justin the Hutt\AppData\Local\683285b1h072q774s634q6wpl2x4
[2011/12/03 11:52:13 | 000,005,086 | -HS- | C] () -- C:\ProgramData\683285b1h072q774s634q6wpl2x4
[2011/11/30 22:05:57 | 000,380,928 | ---- | C] () -- C:\Windows\System32\ac3filter.acm
[2011/11/30 22:03:14 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/11/30 21:46:43 | 002,392,722 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\ac3filter_1_46.exe
[2011/11/30 21:34:19 | 000,001,404 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\DivX Movies.lnk
[2011/11/30 19:59:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/30 19:59:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/30 19:59:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/30 19:59:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/30 19:59:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/30 17:38:42 | 084,358,288 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\avira_free_antivirus_en.exe
[2011/11/30 07:44:53 | 000,010,772 | -HS- | C] () -- C:\Users\Justin the Hutt\AppData\Local\i8ac80i1sa4avk
[2011/11/30 07:44:53 | 000,010,772 | -HS- | C] () -- C:\ProgramData\i8ac80i1sa4avk
[2011/11/24 09:10:22 | 613,215,960 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE2.avi
[2011/11/24 08:58:59 | 614,780,552 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\The_Thing_2011_R5_LiNE_XviD_-_MiSTERE1.avi
[2011/11/22 21:16:06 | 000,000,071 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\Unzipped Face Tutorial - Zombies.ws.URL
[2011/11/16 21:37:02 | 000,603,624 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\daves shirt.ai
[2011/03/21 16:57:11 | 000,208,482 | ---- | C] () -- C:\Windows\hpoins41.dat.temp
[2011/03/21 16:57:11 | 000,001,112 | ---- | C] () -- C:\Windows\hpomdl41.dat.temp
[2011/03/03 14:13:07 | 000,207,836 | ---- | C] () -- C:\Windows\hpoins41.dat
[2010/10/13 19:38:26 | 000,000,331 | ---- | C] () -- C:\Windows\doom3.ini
[2010/09/18 21:57:58 | 000,000,602 | ---- | C] () -- C:\Windows\eReg.dat
[2010/09/06 14:47:58 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/07/26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/07/25 09:12:51 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2010/06/23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/06/23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/02/25 11:27:44 | 000,009,338 | -HS- | C] () -- C:\Users\Justin the Hutt\AppData\Local\RHpCMfQD4
[2010/01/29 16:04:24 | 000,001,112 | ---- | C] () -- C:\Windows\hpomdl41.dat
[2009/12/26 22:46:00 | 000,003,348 | ---- | C] () -- C:\Windows\System32\ludap17.ini
[2009/12/26 22:46:00 | 000,002,191 | ---- | C] () -- C:\Windows\P17EP.ini
[2009/12/26 22:46:00 | 000,001,694 | ---- | C] () -- C:\Windows\P17EP51.ini
[2009/12/26 22:45:59 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009/12/23 13:22:22 | 000,007,887 | -H-- | C] () -- C:\Users\Justin the Hutt\AppData\Roaming\pcouffin.cat
[2009/12/23 13:22:22 | 000,001,144 | -H-- | C] () -- C:\Users\Justin the Hutt\AppData\Roaming\pcouffin.inf
[2009/12/06 22:26:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/13 15:17:18 | 000,000,147 | -H-- | C] () -- C:\Users\Justin the Hutt\AppData\Roaming\default.rss
[2009/10/08 06:54:46 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/09/30 22:32:35 | 000,000,030 | ---- | C] () -- C:\Windows\Q3version.ini
[2009/09/30 22:23:19 | 000,000,551 | ---- | C] () -- C:\Windows\Qiii.INI
[2009/08/25 19:39:15 | 000,364,192 | -H-- | C] () -- C:\Windows\System32\atwtusb.exe
[2009/08/25 19:39:15 | 000,102,048 | ---- | C] () -- C:\Windows\RmTablet.exe
[2009/08/25 19:39:15 | 000,052,896 | ---- | C] () -- C:\Windows\System32\InstallService.exe
[2009/08/25 19:39:14 | 000,006,355 | ---- | C] () -- C:\Windows\aiptbl.ini
[2009/07/21 09:01:38 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/07/21 09:01:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/06 18:02:01 | 000,049,664 | -H-- | C] () -- C:\Users\Justin the Hutt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/13 07:40:58 | 000,067,072 | -H-- | C] () -- C:\Windows\System32\drivers\cdrom.sys
[2009/06/11 08:21:18 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/06/09 19:39:33 | 000,001,356 | -H-- | C] () -- C:\Users\Justin the Hutt\AppData\Local\d3d9caps.dat
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007/01/10 06:44:26 | 001,457,024 | R--- | C] () -- C:\Windows\System32\SSCProt.dll
[2006/12/05 14:07:16 | 000,032,256 | ---- | C] () -- C:\Windows\System32\dzbryce6.dll
[2006/12/05 14:00:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\dzwrapper.dll
[2006/12/05 14:00:44 | 006,144,000 | ---- | C] () -- C:\Windows\System32\dzcore.dll
[2006/11/30 11:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006/11/20 15:25:16 | 001,343,488 | ---- | C] () -- C:\Windows\System32\daz-qsa.dll
[2006/11/20 15:25:02 | 004,984,832 | ---- | C] () -- C:\Windows\System32\daz-qt-mt.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 003,750,224 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 16:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006/03/23 03:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005/12/20 11:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
[2003/01/07 10:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2000/01/27 23:00:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\wrkgadm.exe
[2000/01/27 23:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/11/30 21:46:43 | 002,392,722 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\ac3filter_1_46.exe
[2011/12/05 17:35:53 | 001,916,416 | -H-- | M] (AVAST Software) -- C:\Users\Justin the Hutt\Desktop\aswMBR.exe
[2011/11/30 17:40:12 | 084,358,288 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\avira_free_antivirus_en.exe
[2011/11/30 21:36:38 | 003,552,208 | -H-- | M] (Piriform Ltd) -- C:\Users\Justin the Hutt\Desktop\ccsetup313.exe
[2011/11/30 21:33:22 | 004,780,600 | -H-- | M] (DivX, Inc.) -- C:\Users\Justin the Hutt\Desktop\DivXWebPlayerInstallerv15.exe
[2011/11/30 21:46:21 | 014,761,224 | -H-- | M] (Mozilla) -- C:\Users\Justin the Hutt\Desktop\Firefox Setup 8.0.1.exe
[2011/12/05 17:36:31 | 000,879,649 | -H-- | M] () -- C:\Users\Justin the Hutt\Desktop\SecurityCheck.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/11/20 23:04:51 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/11/20 23:04:51 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/11/20 23:04:51 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/05 17:33:44 | 000,003,664 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >
[2008/01/19 00:49:51 | 000,067,072 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\cdrom.sys

descriptionSystem Fix EmptyRe: System Fix6th December 2011, 12:30 am

more_horiz
< %PROGRAMFILES%\*. >
[2009/06/16 12:23:13 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2011/11/30 22:05:57 | 000,000,000 | ---D | M] -- C:\Program Files\AC3Filter
[2011/04/03 08:23:43 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/04/03 08:22:28 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Media Player
[2011/06/09 19:23:22 | 000,000,000 | ---D | M] -- C:\Program Files\AnvSoft
[2010/03/08 17:59:28 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/12/03 11:57:52 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2010/09/06 15:27:07 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2010/03/24 12:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2009/07/28 13:28:33 | 000,000,000 | ---D | M] -- C:\Program Files\Carbonite
[2011/11/30 21:36:56 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/07/05 10:38:10 | 000,000,000 | ---D | M] -- C:\Program Files\CDisplay
[2010/02/20 14:15:26 | 000,000,000 | ---D | M] -- C:\Program Files\championBuilder
[2011/01/30 10:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\City of Heroes
[2011/11/30 20:12:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/12/05 14:22:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Cryptic Studios
[2009/08/31 23:00:34 | 000,000,000 | ---D | M] -- C:\Program Files\DAZ
[2009/06/09 19:42:35 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2011/11/30 22:04:13 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2011/12/05 14:22:28 | 000,000,000 | -H-D | M] -- C:\Program Files\DOOM 3
[2009/11/13 16:02:37 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Flick
[2010/03/12 13:12:29 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/12/02 12:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2011/07/04 22:14:39 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2011/03/03 14:25:45 | 000,000,000 | ---D | M] -- C:\Program Files\HP Photo Creations
[2010/07/02 17:07:42 | 000,000,000 | ---D | M] -- C:\Program Files\IEPro
[2011/06/09 19:19:57 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/06/21 09:23:37 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/04/27 17:29:18 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/09/06 15:03:40 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2010/07/25 09:13:08 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark 2400 Series
[2010/07/25 09:20:40 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Toolbar
[2010/07/25 09:50:02 | 000,000,000 | ---D | M] -- C:\Program Files\lx_cats
[2009/08/31 22:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\MagicDisc
[2009/08/31 21:26:11 | 000,000,000 | ---D | M] -- C:\Program Files\MagicISO
[2010/04/17 16:13:47 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/18 21:55:21 | 000,000,000 | ---D | M] -- C:\Program Files\Maxis
[2009/06/11 08:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\Media Player Classic
[2009/12/01 10:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/10/08 06:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/09/18 21:55:48 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/30 07:53:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/06/29 09:05:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/12/03 11:59:30 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2010/08/17 09:19:48 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/11/30 22:03:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/09/06 15:26:21 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2009/11/17 10:01:13 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/11/13 14:26:03 | 000,000,000 | ---D | M] -- C:\Program Files\Nero
[2010/12/08 17:41:32 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2010/04/06 17:48:19 | 000,000,000 | ---D | M] -- C:\Program Files\Pixologic
[2009/09/30 22:49:35 | 000,000,000 | ---D | M] -- C:\Program Files\Quake III Arena
[2011/05/11 07:30:18 | 000,000,000 | ---D | M] -- C:\Program Files\QuickMediaConverter
[2010/11/03 06:34:57 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/08/27 22:52:35 | 000,000,000 | ---D | M] -- C:\Program Files\Razer
[2009/06/11 08:20:43 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2011/11/05 17:43:44 | 000,000,000 | ---D | M] -- C:\Program Files\Roller Coaster Tycoon 3 Platinum - CarlesNeo !
[2011/12/05 13:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Security Defender
[2009/06/09 16:59:24 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2011/01/19 09:39:30 | 000,000,000 | ---D | M] -- C:\Program Files\Tablet
[2011/01/19 09:39:25 | 000,000,000 | ---D | M] -- C:\Program Files\TabletPlugins
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/12/23 22:10:46 | 000,000,000 | ---D | M] -- C:\Program Files\URUSoft
[2011/04/19 09:27:45 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/07/07 10:02:33 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2010/09/06 15:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\VistaCodecPack
[2009/12/23 15:45:28 | 000,000,000 | ---D | M] -- C:\Program Files\VSO
[2009/07/19 19:28:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/07/19 19:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/07/19 19:28:45 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/07/19 19:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2009/12/01 10:22:02 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2009/07/01 08:37:54 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live SkyDrive
[2011/06/21 09:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/19 09:22:03 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/07/19 19:28:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/07/19 19:28:48 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2011/01/19 09:39:26 | 000,000,000 | ---D | M] -- C:\Program Files\WTouch
[2011/04/27 18:02:48 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2006/11/22 09:57:00 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2006/11/22 09:57:00 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\ERDNT\cache\atapi.sys
[2006/11/22 09:57:00 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\drivers\atapi.sys
[2006/11/22 09:57:00 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2006/11/22 09:57:00 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2009/06/09 18:47:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/06/09 18:47:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/06/09 18:47:38 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: DISK.SYS >
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/19 02:42:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\ERDNT\cache\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 02:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-25 06:23:23

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 01:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/05/28 01:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/11/20 23:04:51 | 000,713,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/11/20 23:04:51 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/27 23:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/28 01:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" [2011/05/28 01:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >

descriptionSystem Fix EmptyRe: System Fix6th December 2011, 12:48 am

more_horiz
aswMBR log:


aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-05 19:40:59
-----------------------------
19:40:59.001 OS Version: Windows 6.0.6001 Service Pack 1
19:40:59.001 Number of processors: 2 586 0xF02
19:40:59.017 ComputerName: HAL UserName:
19:41:27.409 Initialize success
19:41:32.758 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:41:32.773 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
19:41:32.789 Disk 0 MBR read successfully
19:41:32.789 Disk 0 MBR scan
19:41:32.789 Disk 0 Windows VISTA default MBR code
19:41:32.804 Disk 0 scanning sectors +1953521664
19:41:32.914 Disk 0 scanning C:\Windows\system32\drivers
19:41:52.616 Service scanning
19:41:53.864 Modules scanning
19:42:04.597 Disk 0 trace - called modules:
19:42:04.628 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastorv.sys hal.dll
19:42:04.628 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85f101b8]
19:42:04.628 3 CLASSPNP.SYS[8879d745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8488 Results of screen317's Security Check version 0.99.28
Windows Vista Service Pack 1 x86
Out of date service pack!!
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Avira AntiVir Personal - Free Antivirus
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java(TM) 6 Update 24
Java version out of date!
Adobe Flash Player ( 10.3.181.26) Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (8.0.1)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````
4030]


19:42:04.644 Scan finished successfully
19:43:01.887 Disk 0 MBR has been saved successfully to "I:\MBR.dat"
19:43:01.887 The log file has been saved successfully to "I:\aswMBR.txt"

Security Check log:

descriptionSystem Fix EmptyRe: System Fix6th December 2011, 10:40 pm

more_horiz
Any help would be greatly appreciated... My computer is pretty much junk now. I have to borrow a friends laptop to even post on the forum.

descriptionSystem Fix EmptyRe: System Fix7th December 2011, 1:18 am

more_horiz
Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:


    :OTL
    PRC - [2011/12/05 08:19:33 | 000,374,784 | -H-- | M] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
    PRC - [2011/12/05 08:12:38 | 000,472,064 | -H-- | M] () -- C:\ProgramData\fUOfWDexaNHOBg.exe
    O4 - HKCU..\Run: [fUOfWDexaNHOBg.exe] C:\ProgramData\fUOfWDexaNHOBg.exe ()
    [2011/12/03 11:52:13 | 000,005,086 | -HS- | C] () -- C:\Users\Justin the Hutt\AppData\Local\683285b1h072q774s634q6wpl2x4
    [2011/12/03 11:52:13 | 000,005,086 | -HS- | C] () -- C:\ProgramData\683285b1h072q774s634q6wpl2x4
    [2011/12/05 17:24:30 | 000,000,625 | -H-- | C] () -- C:\Users\Justin the Hutt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
    [2011/12/05 13:03:13 | 000,001,758 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DA755CAE-D65B-CE23-5DDF-321EE4382854.lnk
    [2011/12/05 08:25:16 | 000,000,216 | -H-- | C] () -- C:\ProgramData\~WfLBCQ5ZZtAqZUr
    [2011/12/05 08:25:15 | 000,000,312 | -H-- | C] () -- C:\ProgramData\~WfLBCQ5ZZtAqZU
    [2011/12/05 08:25:00 | 000,000,601 | -H-- | C] () -- C:\Users\Justin the Hutt\Desktop\System Fix.lnk
    [2011/12/05 08:24:56 | 000,000,456 | -H-- | C] () -- C:\ProgramData\WfLBCQ5ZZtAqZU
    [2011/12/05 08:19:33 | 000,374,784 | -H-- | C] () -- C:\ProgramData\WfLBCQ5ZZtAqZU.exe
    [2011/12/05 08:16:20 | 000,472,064 | -H-- | C] () -- C:\ProgramData\fUOfWDexaNHOBg.exe

    :commands
    [emptytemp]
    [emptyflash]
    [reboot]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
System Fix DXwU4
System Fix VvYDg

descriptionSystem Fix EmptyRe: System Fix7th December 2011, 12:48 pm

more_horiz
Ok, so the first time I ran OTL it froze the system half way through... I had to restart the pc and when it came back up I had all my desktop icons but no text log from OTL. I ran OTL a second time and it froze again but much further along in the process. Again I restarted the computer but this time a text log was there but none of my desktop icons again. Here is all the text log said:


Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

descriptionSystem Fix EmptyRe: System Fix8th December 2011, 2:13 am

more_horiz
Ran it again because of the crashes... made it all the way through this time. Here is the log:

All processes killed
========== OTL ==========
No active process named WfLBCQ5ZZtAqZU.exe was found!
No active process named fUOfWDexaNHOBg.exe was found!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\fUOfWDexaNHOBg.exe not found.
File C:\ProgramData\fUOfWDexaNHOBg.exe not found.
File C:\Users\Justin the Hutt\AppData\Local\683285b1h072q774s634q6wpl2x4 not found.
File C:\ProgramData\683285b1h072q774s634q6wpl2x4 not found.
File C:\Users\Justin the Hutt\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk not found.
File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DA755CAE-D65B-CE23-5DDF-321EE4382854.lnk not found.
File C:\ProgramData\~WfLBCQ5ZZtAqZUr not found.
File C:\ProgramData\~WfLBCQ5ZZtAqZU not found.
File C:\Users\Justin the Hutt\Desktop\System Fix.lnk not found.
File C:\ProgramData\WfLBCQ5ZZtAqZU not found.
File C:\ProgramData\WfLBCQ5ZZtAqZU.exe not found.
File C:\ProgramData\fUOfWDexaNHOBg.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Justin the Hutt
->Temp folder emptied: 80245 bytes
->Temporary Internet Files folder emptied: 215339855 bytes
->Java cache emptied: 55058328 bytes
->FireFox cache emptied: 299560524 bytes
->Google Chrome cache emptied: 7389381 bytes
->Flash cache emptied: 60947 bytes

User: Mcx1
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56504 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1452297 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 619895 bytes

Total Files Cleaned = 553.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Justin the Hutt
->Flash cache emptied: 0 bytes

User: Mcx1
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 12072011_210704

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

descriptionSystem Fix EmptyRe: System Fix8th December 2011, 2:13 am

more_horiz
Still no programs showing up on my desktop or start menu though

descriptionSystem Fix EmptyRe: System Fix9th December 2011, 1:54 pm

more_horiz
Hello.
Not a problem, they are just hidden, lets see if we can unhide them.

Please download ComboFix System Fix Combofix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
System Fix DXwU4
System Fix VvYDg

descriptionSystem Fix EmptyRe: System Fix10th December 2011, 4:22 am

more_horiz
I ran commy and even though I double and tripple checked that my antivirus was turned off, commy still recognized it as being on... after trying for like 20 mins I ran it anyway and it never finished scanning after 2 hours. It said 10 mins is normal but it could take 20. I assumed after 2 hours it had froze. I reset the computer and there was no log in the file. what should I do?

descriptionSystem Fix EmptyRe: System Fix12th December 2011, 12:23 am

more_horiz
Try running it again, if it freezes again, we'll use something else.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
System Fix DXwU4
System Fix VvYDg

descriptionSystem Fix EmptyRe: System Fix12th December 2011, 3:57 am

more_horiz
It did the same thing... I let it go for a few hours and came back and it was froze up again.

descriptionSystem Fix EmptyRe: System Fix14th December 2011, 10:30 pm

more_horiz
Okay re-run OTL and post the new log, see if anything got missed.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
System Fix DXwU4
System Fix VvYDg

descriptionSystem Fix EmptyRe: System Fix

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum